Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Mozilla recently announced that they would be dismissing 250 people. That's a quarter of their workforce so there are some deep cuts to their work too. The victims include: the MDN docs (those are the web standards docs everyone likes better than w3schools), the Rust compiler and even some cuts to Firefox development. Like most people I want to see Mozilla do well but those three projects comprise pretty much what I think of as the whole point of Mozilla, so this news is a a big let down. [...]
One of the most popular and most intuitive ways to evaluate an NGO is to judge how much of their spending is on their programme of works (or "mission") and how much is on other things, like administration and fundraising. [...] Mozilla looks bad when considered in this light. Fully 30% of all expenditure goes on administration. Charity Navigator, an organisation that measures NGO effectiveness, would give them zero out of ten on the relevant metric. [...]
Mozilla now thinks of itself less as a custodian of the old Netscape suite and more as a 'privacy NGO'. One slogan inside Mozilla is: "Beyond the Browser".
Regardless of how they view themselves, most of their income comes from helping to direct traffic to Google by making that search engine the default in Firefox. Google make money off that traffic via a big targeted advertising system that tracks people across the web and largely without their consent. Indeed, one of the reasons this income is falling is because as Firefox's usage falls less traffic is being directed Google's way and so Google will pay less.
There is, as yet, no outbreak of agreement among the moral philosophers as to a universal code of ethics. However I think most people would recognise hypocrisy in Mozilla's relationship with Google. Beyond the ethical problems, the relationship certainly seems to create conflicts of interest. Anyone would think that a privacy NGO would build anti-tracking countermeasures into their browser right from the start. In fact, this was only added relatively recently (in 2019), after both Apple (in 2017) and Brave (since release) paved the way. It certainly seems like Mozilla's status as a Google vassal has played a role in the absence of anti-tracking features in Firefox for so long.
I'd say look at the graph then skip to reading the "Results" section.
That's £2.4 million being paid annually to a single individual in a "non-profit" organization.
Here's their response when challenged:
Quote:
Originally Posted by https://answers.thenextweb.com/s/mitchell-baker-aGY62z
Elizabeth Lucas:
Please explain how your salary of $2.5 million couldn't be put to better use as part of Emerging Technology's budget?
MitchellBaker:
I’m going to divide this question into 3:
Should Mozilla have anyone other than engineers, or ET engineers?
If so, should Mozilla have “executives”; and
If so, how should Mozilla pay those execs?
...
Question 3: Executive compensation is a general topic -- are execs, esp CEOs paid too much? I'm of the camp that thinks the different between exec comp and other comp is high. So then i think, OK what should mozilla do about it? My answer is that we try to mitigate this, but we won't solve this general social problem on our own.
Here's what I mean by mitigate: we ask our executives to accept a discount from the market-based pay they could get elsewhere. But we don't ask for an 75-80% discount. I use that number because a few years ago when the then-ceo had our compensation structure examined, I learned that my pay was about an 80% discount to market. Meaning that competitive roles elsewhere were paying about 5 times as much. That's too big a discount to ask people and their families to commit to.
Hey Mozilla, hire me as chair for a 90%+ discount on the market and I'll give you both increasing browser usage and company growth within the year.
Regardless of how they view themselves, most of their income comes from helping to direct traffic to Google by making that search engine the default in Firefox. Google make money off that traffic via a big targeted advertising system that tracks people across the web and largely without their consent. Indeed, one of the reasons this income is falling is because as Firefox's usage falls less traffic is being directed Google's way and so Google will pay less.
If it were just the issue of a default search provider, I doubt google would have bankrolled it for so long. There is also the matter of other google services, silently installed and enabled by default. "Safe Browsing", which audits every URL you visit by sending that data to google, is the most important of these.
You have to consider that when google launched their own browser just over a decade ago, it was in direct competition to firefox, while still funding the project. By being funded primarily by google, one could argue that mozilla placed themselves in a position where they could be contained while allowing chrome to grow - as it did to a position of dominance in a very short space of time.
This is just another inevitable result of the loss of Free Software as the vital principle, to be replaced by the empty slogan, "Open Sauce".
When Software Freedom was the object of the overall exercise and the thing demanded by users, the development culture more nearly met that goal and the product itself respected the user's Freedoms - that was its reason for being!
Almost every discussion of Privacy treats it as resulting from some policy or legal definition, and always something to be granted to the user, optionally.
Privacy does not result from policy, privacy is the essential result of mutual respect among equals, and nothing else. I respect your privacy because I want you to respect mine, and we are both Free from intrusion on our private lives by the other. Privacy is lost to one when the other does not extend that respect to them, period.
Freedom absolutely must include freedom from unwanted tracking and data collection of our individual activities, online or otherwise, and Privacy is a by-product of that mutually respected Freedom. Loss of Privacy is the flashing red indicator light that tells you Freedom has been lost.
The Mozilla CEO's defense of their cut of the loot identifies the salary of other CEOs as the only real goal to be met, respect for the Freedom and Privacy of users of the product not being on the radar at all. So it is not surprising to see the product reflect that point of view.
All such changes in the behavior of what were once core Free Software custodians and institutions result at least in part from the loss of Software Freedom as the vital principle.
As long as users continue to use those products and accept those intrusions, the descent into darkness will only accelerate, following some CEO or Judas' goat shouting, "Open Sauce! Open Sauce!", all the way to the bottom.
MitchellBaker:
I’m going to divide this question into 3:
1) Should Mozilla have anyone other than engineers, or ET engineers?
2) If so, should Mozilla have “executives”; and
3) If so, how should Mozilla pay those execs?
4) Profit!
I see what he did there. He skipped straight to question #3. A savvy organization might answer "No, Mozilla should not have executives" and opt instead for decentralized management such as Teal or Holacracy.
I see what he did there. He skipped straight to question #3.
She answered those self-asked questions with irrelevant waffle, which is why I replaced them with the ellipsis. I probably should have made that removal more explicit.
The full text is at the URL at the top of the quote. (Requires a couple of third-party scripts to actually show the Q&A part of the page.)
Thanks for pointing that out. Woops, i assumed the wrong gender based on the name Mitchell. I DID read the full text before posting. I saw that she answered question #2, but her answer was pretty much "Trust me, in my experience you need executives."
This is just another inevitable result of the loss of Free Software as the vital principle, to be replaced by the empty slogan, "Open Sauce".[...]
Excellent post and agreed on all points.
For me, every time I try to see the positives on Mozilla, issues like this one rear their ugly heads and the misgivings about that corporation/foundation and the project itself remain.
Since its inception (September 2005), Mozilla Corporation has been
handling approvals. The way this works (and the way Red Hat and Novell
have already gone through the process for 1.0 and 1.5) is that you have
to submit patches that deviate from the source tarballs in order to
continue to use the trademark.
This is us attempting to tell you that what you are doing is not correct
and needs to change.
I can't think of any other examples of such behaviour from other projects offhand.
The Need for Data Collection
Service providers (well, we at Google, anyway) need information to improve our coverage and accuracy. This is a fact, and not some smoke and mirrors attempt to violate privacy. If someone does not wish to contribute their data to this effort, fine, but we really need to give those people that do want to contribute the opportunity to do so.
To be clear, there are two kinds of data that are important for us to collect if we want to improve the service:
explicit user reports of phishing sites (and false positives). User reports are a very valuable source of information for us, and it's a requirement that we're able to collect such reports. At the moment the extension adds an item to to the Tools menu that enables users to make such reports, but something more appropriate is probably warranted going forward.
automatic reports of "interesting" phishing-related events. In enhanced protection mode (and only in enhanced protection mode) the extension sends cookieless pings to the provider when certain "events" occur. At the moment these reports are generated when the user lands on a blacklisted page, when the user accepts or declines the warning dialog, and when the user navigates away from a phishing page. The information transmitted is what happened, and the URL (and, as we've said, no cookies).
We use this information to understand what's happening to the users of this feature. How often do people hit these sites? What sites are hit most often? How often do they actually heed the warning? etc.
You can see from the first paragraph of that section it attempts to make the case for data collection along with the rather telling "smoke and mirrors" statement (which would immediately have one assume that it is exactly "smoke and mirrors").
There is some faulty logic going on there. a) I doubt that even any of the users, who presumably wanted and downloaded, a free web browser, explicitly also wanted to "contribute" their data (in the form of all URLs visited) to google (a 3rd party) and b) the option was always ON by default and c) planted in the browser and marketed as a safety feature - with no visible disclaimers or initial "opt in/out" choice for the user regarding data being sent to google in the background.
Webpage and technical data to Google’s SafeBrowsing service: To help protect you from malicious downloads, Firefox sends basic information about unrecognized downloads to Google's SafeBrowsing Service, including the filename and the URL it was downloaded from. Learn more or read Google’s Privacy Policy. Opting out prevents Firefox from warning you of potentially illegitimate or malicious websites or downloaded files.
Google geolocation:
Quote:
Location data to Google's geolocation service: Firefox always asks before determining and sharing your location with a requesting website (for example, if a map website needs your location to provide directions). To determine location, Firefox may use your operating system’s geolocation features, Wi-fi networks, cell phone towers, or IP address, and may send this data to Google's geolocation service, which has its own privacy policy.
Nothing in initial installation, nor post installation config, indicates that google "geolocation" (again a 3rd party) will be in use as standard, nor is there a UI element to turn it off last time I checked (it's an about:config tunable). Again the user is directed to google's privacy policy.
There is also the DNS over HTTPS issue. This is yet another "opt out" and also smacks of yet more "smoke and mirrors":
Instead of being a user choice, the decision is made by those who "know best" and your DNS traffic is redirected via the infrastructure of a specific US based corporation. Once again the "opt out" takes the form of a "hidden" about config variable.
Note that this section is blatantly listed under the "risks": (!!!???)
Quote:
In the US, Firefox by default directs DoH queries to DNS servers that are operated by CloudFlare, meaning that CloudFlare has the ability to see users' queries. Mozilla has a strong Trusted Recursive Resolver (TRR) policy in place that forbids CloudFlare or any other DoH partner from collecting personal identifying information. To mitigate this risk, our partners are contractually bound to adhere to this policy.
No simple answer to that one. From my perspective, look at the evidence, read into the built in google provided telemetry in particular and then read the claims made here:
Disable DoH by default. While encrypting DNS might be a good thing, sending all DNS traffic to Cloudflare by default is not a good idea.
Applications should respect OS configured settings.
The DoH settings still can be overriden if needed. ok landry@ job@
The Mozilla rationale for DNS over HTTPS is simply:
Quote:
An extra layer of protection
DNS over HTTPS (DoH) helps keep internet service providers from selling your data.
So the solution for ISPs supposedly selling your data, is to pipe everything via a specific secure DNS provider - Cloudflare.
I for one am not impressed with Cloudflare's security, privacy or quality track records. Based on that, I don't trust Cloudflare to not sell the data it collects.
For me this looks like the latest "revenue stream" disguised as privacy/security stunt. As with search providers, there is a "deal" and I can see where this also opens the doors for yet more "deals", from competing DNS over HTTPS providers...
As long as FF keeps giving its (advanced) users almost full control (incl., afaics, ALL unasked-for connections) via user.js, all is not lost.
I still don't like what they're doing to the unwashed masses, though. And how many people they're overpaying for NOT coding.
It really has become "The lesser of two Evils".
ISTM the problem is that everyone wants a free lunch, but no such thing exists. If Mozilla is going to employ competent software engineers/coders/whatever, it has to pay them a decent wage. Like any other company, it expects to make a profit, else why exist at all. Money has to come from somewhere, and nobody is paying for a browser. You want a browser that is totally free from any sort of information sale, that is up to date, works well and is safe? You have to pay for that, one way or another, and compromises may have to be made. That's how capitalism works.
If Mozilla is going to employ competent software engineers/coders/whatever, it has to pay them a decent wage.
I believe the issue is not so much about overpaying developers, but an executive who is being paid an eye watering sum, while market share has fallen.
Quote:
Originally Posted by sgosnell
Like any other company, it expects to make a profit, else why exist at all. Money has to come from somewhere, and nobody is paying for a browser. You want a browser that is totally free from any sort of information sale, that is up to date, works well and is safe? You have to pay for that, one way or another, and compromises may have to be made. That's how capitalism works.
While I do somewhat agree, it's a "non-profit" organisation, not Alphabet, IBM or Oracle for example.
They subsist through donation, they make grand claims about privacy on their website, while distributing what many consider to be google's data mining / telemetry software, built in on an opt out basis. An all of that while casting aspersions about ISPs and other browsers.
According to that article the google deal is worth $400 - $450 million per year. So the privacy conscious "non profit" browser, gaining a huge chunk of it's income from a massive corporation who makes it's living from quite the opposite...
I did not mean to imply that the developers are overpaid, only that they must be paid. The corporations which support Mozilla do expect to make money from that support, one way or another. And in the end, There Ain't No Such Thing As A Free Lunch. There have been many attempts at developing competing browsers, and they have fallen by the wayside. That's unfortunate, but it's true. A viable, stable, robust, competitive browser that completely respects privacy seems to be an elusive pipedream. Firefox is far from perfect, but I see nothing better. I would be happy to be surprised.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
